Android hacking "APK"

Hacking an Android APK file means that we decompile it, hack it, and recompile it, essentially reverse engineering the APK file. Very few people actually explore the possibility of Android hacking. Here's a brief overview:

APK format

Android apps use the .apk extension, which is basically a special .zip container that is signed with a certificate. The signer could be somebody like Google Apps Store. The idea is that modifying the .apk file invalidates the signature, which prevents installation of modified apps.
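The integrity check this paragraph describes can be seen from the defender's side. The following is an added example, not part of the original article: it compares each file in an APK with the SHA-256 digest recorded in META-INF/MANIFEST.MF (the JAR-style signing layout) and reports entries changed, added or removed after signing. It checks the manifest digests only, not the certificate signature over the manifest; the function names and the sample archives are constructed for illustration.

```python
import base64, hashlib, io, zipfile
MANIFEST = "META-INF/MANIFEST.MF"

def parse_manifest(text):
    """Return {entry name: base64 SHA-256 digest} from a JAR manifest."""
    # Manifest lines wrap at 72 bytes; a continuation line starts with one space.
    text = text.replace("\r\n", "\n").replace("\n ", "")
    digests = {}
    for section in text.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in attrs and "SHA-256-Digest" in attrs:
            digests[attrs["Name"]] = attrs["SHA-256-Digest"]
    return digests

def check_apk(data):
    """Compare each entry of an APK (bytes) with its manifest digest."""
    report = {"modified": [], "unsigned": [], "missing": []}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        expected = parse_manifest(z.read(MANIFEST).decode("utf-8"))
        names = [n for n in z.namelist() if not n.startswith("META-INF/")]
        for name in names:
            actual = base64.b64encode(hashlib.sha256(z.read(name)).digest()).decode()
            if name not in expected:
                report["unsigned"].append(name)   # added after signing
            elif expected[name] != actual:
                report["modified"].append(name)   # content no longer matches
        report["missing"] = sorted(set(expected) - set(names))
    return report

def build_sample(files, signed_files=None):
    """Constructed sample: zip whose manifest covers signed_files (default: files)."""
    signed_files = files if signed_files is None else signed_files
    manifest = "Manifest-Version: 1.0\r\n\r\n"
    for name, body in signed_files.items():
        digest = base64.b64encode(hashlib.sha256(body).digest()).decode()
        manifest += f"Name: {name}\r\nSHA-256-Digest: {digest}\r\n\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(MANIFEST, manifest)
        for name, body in files.items():
            z.writestr(name, body)
    return buf.getvalue()

# Constructed file contents, not taken from any real app.
ORIGINAL = {"classes.dex": b"dex\n035\x00 original code", "res/layout/main.xml": b"<LinearLayout/>"}
REPACKED = {**ORIGINAL, "classes.dex": b"dex\n035\x00 edited code", "assets/extra.bin": b"x"}

if __name__ == "__main__":
    print(check_apk(build_sample(REPACKED, signed_files=ORIGINAL)))
```

For real packages, the Android SDK's `apksigner verify` performs the full check, including the certificate signature and the newer whole-file signing schemes.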

Modifications

Modifying an APK file is somewhat difficult, depending on the quality of the app. Dalvik (Android's virtual machine) prevents code obfuscation, which is the deliberate act of creating hard-to-understand code. Since Dalvik supports reflection, and the virtual machine has to be able to interpret the bytecode, no obfuscation can ever hope to compete.

Reflection is the ability of a computer program to examine and modify the structure and behavior (specifically the values, metadata, properties and functions) of an object at runtime. Obfuscation products like ProGuard may become more advanced with time, but intense obfuscation will likely have a very negative impact on performance.

ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names. Finally, it preverifies the processed code for Java 6 or for Java Micro Edition.

Suppose we have an APK file and want to decompile it into something like assembly language. We can do that using the APK Tool, which decompiles it into a folder of smali files.

Then we dig through the smali code and make changes to get our desired results.

We recompile the smali files into an APK file, install and test it on the emulator, and then convert it back to APK form.

Tools required

Usage

To run the Android emulator, use the Android Virtual Devices Manager. Choose what you want your device to be; just keep in mind that the higher the resolution, the slower it'll be. Expect the emulator to run with heavy lag.

In the terminal, there are some commands you will want to be familiar with.

Command: Effect

  • adb install [..\location\someapp.apk]: Installs to the emulator. Make sure the emulator is on!
  • adb uninstall [com.someapp]: Exactly what to type requires a bit of work; it's basically the path that Android uses. I'll describe it more later.
  • apktool.bat d someapp.apk dump-someapp: Decompiles your APK to smali files.
  • apktool.bat b dump-someapp someapp-new.apk: Rebuilds the edited smali files.
  • java -classpath testsign.jar testsign someapp-new.apk: Fake-signs the file with some certificate, so that when we install, the emulator goes "oh ok here's the signature, and it matches the file, we can proceed."

Digging through the decompilation

Start at a point, such as an error message, and work backwards. Say the message is "Invalid serial key entered!": trace that back to where the key gets checked.

When bypassing things like serial key checks, look for check conditions:

  • if-eq
  • if-ne
  • if-nez
  • if-eqz

Since applications don't have a console to print to, you could have the app print to the logs!
